In Brief
DMLConnect is a data management company which means that we source data from partner businesses and resell that data to organisations to help them manage their businesses, and to allow other business to resell the data. This privacy policy explains how we obtain, process and share personal data about consumers. This section briefly summarises the key processing activities that we carry out. For more detail about these activities please refer to the rest of this privacy policy.
DML Connect works with a number of partners who collect the data from individuals via online competitions, comparison websites, lifestyle clubs, and offer websites. We supply data to third party organisations for them to use data or resell datato carry out debt recovery, collection and enforcement, identification ID verification, credit and risk management, , revenue collection, database tracing activities (for example to collect debts or to reunite people with assets), affordability and vulnerability assessment and efficient planning and fulfilment of direct marketing campaigns. All data is owned by the contributing source partner through which the data was originally collected and any partner can choose to withdraw access to it at any time.
We are committed to being transparent about how your personal data has been collected, how we use your data, how we keep your data safe, and your rights to access, amend, object or delete the data we hold about you. We hope that this privacy notice explains that clearly. If you feel there is a question that is not answered here, or if you would like more information about how we process your data, you can contact us at any time by emailing compliance@datamixx.co.uk or writing to us at the address above.
Who we are
DML Connect (DML) is a trading name of DataMixx Limited
Our address is:
DML Connect
The Smithy
Peper Harow Park
Godalming
Surrey
GU8 6BQ
We are a registered company in England and Wales under company number 10432250.
Our ICO registration number is ZA212218.
Purpose of data processing
DML specialises in the careful management and centralisation of consumer databases in order to support our legitimate interests. This covers the sharing of data to support our clients to carry out the following activities :
Debt recovery, collection and enforcement
This is where organisations want to collect money that is owed to them (or owed to organisations that they work on behalf of). For example, if a customer of one of these organisations has got an new email address or mobile phone number but has not informed the organisations, then we may provide them with up to date email and mobile phone numbers to assist them with this legitimate business purpose.
Identity verification
Organisations will use the data processed by DML to check the identity of an individual. This is typically done by matching databases together to ensure all details match
Credit and risk management
Using data for credit and risk management allows financial institutions to make more informed decisions, reduce losses, and improve profitability. It involves a combination of data collection, advanced analytics, and compliance with regulations to effectively manage and mitigate risks. By leveraging modern technologies and methodologies, organisations can stay ahead in the ever-evolving financial landscape.
Revenue collection
Organisations will use the data processed by DML to identify a contact method to track down an individual to recoup money/ revenue owed to an organisation. This typically involves matching a customer’s database to DML’s and enhancing it with contact details such as a telephone number, email or postal address.
Database tracing activities
This is typically needed where a person has moved address or changed their telephone number and has not provided their new contact details. The data is used to support organisations’ debtor tracing activity and debt recovery and collection.
The data is also used to find people in order to let them know about assets that they may have forgotten about or not be aware of, such as old dormant savings accounts or pension funds, or to find people to let them know about assets of a deceased person which they have an interest in, such as administrators or beneficiaries of a deceased person’s estate).
Affordability and vulnerability
Affordability and Vulnerability involves leveraging personal and financial information to assess needs, provide support, and ensure fair access to services.
Using data for this allows organisations to provide targeted, effective support to those in need while ensuring that resources are used efficiently. Proper management of data, with strong privacy and security measures, is essential to maintain trust and compliance with legal requirements to support end clients and their customers.
Efficient planning and fulfillment of direct marketing campaigns.
The sending of relevant marketing communications
Verification and enhancement of customer and marketing databases
Enhance targeting relevance through market research, analysis, segmentation, and profiling
Credit reference agencies, identity verification, fraud prevention service providers, consumer brands, and marketing service providers, and other service providers use us when they wish to rent data on defined and controlled usage terms without having to go to multiple different sources.
All data partners are declared to clients to enable source audits and undergo due diligence checks prior to using their data.
Where do we get your data from?
We compile our database using carefully vetted partners who have collected your data through:
Online Competitions
Online Comparison Websites
Online Lifestyle Clubs
Online Offer websites
DML Connect only works with partners we think you can trust with your data. In each case, we ensure that our partners have collected your data fairly and compliantly and that you have been informed that your data will be shared with DML Connect (normally in their own privacy notice). In addition, we ensure that they have been clear and transparent about the purposes for which DML Connect will use your data.
You have the right to withdraw your consent or object to our processing of your data at any time by contacting us using the details in the ‘Who are we” section at the top of this policy.
A full list of data partners will be provided upon request.
What type of data do we hold?
We hold the personal data that you have provided to our data partners. This may vary from partner to partner, but this includes names, addresses, emails, telephone numbers, dates of birth, lifestyle and demographic data, insurance renewal month (where provided), whether children are present, and whether they are under 16 (this is a simple flag, not data about the children)
We do not hold or process any of the following data about you:
Financial data
Credit scores
Health information
Political preferences
Religious preferences
Sexual preferences
Data relating to children
What we use your data for
Use of postal address data
We make your postal address available for organisations to use for fraud prevention and identity verification.
Unless registered with the MPS (Mail Preference Service) we will also share your address for direct marketing by post, based on the demographic information provided by you at sign up to the data partner.
Use of telephone data
We make your telephone number(s) available for organisations to use for fraud prevention and identity verification and debt recovery, collection and enforcement.
Unless registered with the TPS (Telephone Preference Service) we will also share your telephone number for direct marketing by live marketing call based on the demographic information provided by you at sign up to the data partner, but not for SMS or automated call marketing.
Use of email
We make your email address available for organisations to use for fraud prevention and identity verification and debt recovery, collection and enforcement and customer acquisition.
Use of Dates of Birth
We make your Date of Birth available for organisations to use for Identity verification, data enhancement and customer acquisition
Use of Lifestyle ad demographic data
We make your Lifestyle ad demographic data available for organisations to use for data enhancement and customer aquisiton
Use of Insurance renewal month
We make your Insurance renewal month available for organisations to use for customer aquisition
Use of Child present flag
We make Child present flags available for organisations to use for data enhancement.
If you give permission to be contacted by advertisers via email, DML Connect help to identify relevant advertisers and supports the email communication to you based on the demographic information provided by you at sign up to the data partner.
DML Connect does not sell this information outright to any advertiser. Emails you might receive will be sent on behalf of the source to whom you have given your consent to be contacted and will be identified as having originated from the source you provided consent to.
This approach is described as a 'host emailing' where the 'sender' represents the holder of your consent for such communications. Emails received will be clearly identified as having originated from the original data controller and their contact details will also be provided, as well as the opportunity to unsubscribe from emails from that organisation.
Digital use of Data
We share product data directly with brands and via agencies. We also share data (usually in a form where individuals cannot be directly identified) with other marketing companies such as social media and programmatic platforms. We make sure the recipients of our data are reputable entities by conducting appropriate checks on them. Before we share our data we enter into written agreements with recipients which contain terms that safeguard the data.
We also use data on an ad hoc basis to assist with law enforcement queries or UK Missing Person queries.
Who we share your data with
We share the data you provide with a number of organisations for example, credit reference agencies, identity verification, fraud prevention service providers, consumer brands, marketing service providers, credit/ financial companies and other service providers. They may combine, analyse and profile your information and share this information with other organisations for the purposes of:
-
debt collection
-
debt recovery
-
debt enforcement
-
fraud prevention
-
tracing / locating you
-
verifying your identity
-
verifying the information they hold about you is correct
-
assessing affordability and vulnerability
-
credit risk management
-
efficient planning and fulfilment of direct marketing campaigns
List of organisations working with Data Mixx (for example)
What is our lawful basis for processing your data?
We process your email data for marketing purposes under the consent you have provided to our data partners when they collected your data. If you wish to withdraw your consent please contact us and we will suppress your details.
We use the lawful basis of legitimate interests as a business or those of a third party, for the sharing of (non-MPS) postal information and (non-TPS) telephone numbers for marketing purposes, and email data for the purposes of fraud prevention, tracing, and ID verification.
We use the legitimate interests of third parties for the sharing of your name, address, email and telephone data for debt recovery, collection and enforcement services.
How long do we keep your data?
The period for which we use personal data varies depending on the individual contract terms with our data partners. When our data partner sends us a refreshed file, any data beyond that partner’s retention period will no longer be in the file, meaning that DML will no longer hold it. Additionally, when DML stop working with a partner, we remove that data from our active systems, and then retain it for a period of 6 months for the purposes of Rights fulfillment (see below), before it is deleted fully.
We also need to retain information if there is a statutory retention period required for legal and regulatory reasons.
How do we keep your data safe?
DML Connect has appropriate technical and organisational measures in place to restrict access to data and these are monitored regularly. We are Cyber Essentials Plus Certified, and systems are pen tested on an annual basis. Access to your personal information is strictly controlled on a ‘need to know’ basis. Staff members are only allowed access to your personal data if they have been sufficiently trained in data management.
Where is your data stored?
We store your personal information in an Amazon Web Service cloud environment located in the UK. We do not transfer your data to any country outside this area.
Your rights
Under data protection law you have many Rights:
Access
You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process.
You can read more about this right here
Rectification
You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete the information you think is incomplete. This right always applies.
You can read more about this right here
Erasure
You have the right to ask us to erase your personal information in certain circumstances.
You can read more about this right here
Restriction
You have the right to ask us to restrict the processing of your information in certain circumstances.
You can read more about this right here
Object
You have the right to object to processing if we process your information under legitimate interests.
You can read more about this right here
Portability
This only applies to the information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another, or give it to you.
You can read more about this right here.
In most cases, we have one month to respond to you.
You also have the right to complain to the Information Commissioner’s Office whose address is Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
Their website can be found at https://ico.org.uk
Data Protection Officer
Our Data protection officer can be contacted by emailing:
Or writing to us at:
Data Protection Officer
DML Connect
The Stables
Peper Harow Park
Godalming
Surrey
GU8 6BQ
Tel: 01483 941590
We keep this Privacy Policy under regular review. This policy was last reviewed on 20 June 2024.